- national implementing laws, regulations and secondary legislation in the UK, including the Data Protection Act 2018 (which implemented the UK version of the General Data Protection Regulation (GDPR) 2018); and
- the EU version of the General Data Protection Regulation (where applicable).
ClearCourse Membership Services Limited (“we”, “us”, “our” and “ours”) is a provider of CRM systems and services in the NFP We are registered in England and Wales under company number 01811900 and our registered office is at 10-12 Eastcheap, LONDON, EC3M 1AJ . We are a member of the ClearCourse Partnership LLP group of companies.
- we have a direct contract with you for our products and services or where you provide your personal data directly to us (in circumstances where we are not acting on behalf of someone else) for example, through use of our website, we will normally be considered to be a “data controller”. This means that we are responsible for deciding how we hold and use personal information about you.
- where we have a contract with someone else instead of directly with you, for example a contract under which we provide that business with our products and services and, in connection with that contract, they provide us with your personal data (typically this will be a contract with another business – perhaps your employer, a membership organisation or another company which is providing our products or services to you or using them to deliver their products and services to you), we will normally be considered to be a “data processor”. In these circumstances, the other business will be the “data controller” and it will be responsible for deciding how we hold and use personal data about you. Our use of your personal data is governed by the terms of that contract.
Our legal grounds for processing your Personal Data
Where we are acting as a data controller:
- we may process your personal data to enable us to comply with any instructions you give to us or any obligations we owe to you including enabling us to perform a contract with you or to comply with our legal obligations.
- we may also process your personal data for the purposes of our own legitimate interests (provided that those interests do not override any of your own interests, rights and freedoms which require the protection of personal data).
This includes processing for statistical, management and business development purposes, for example seeking your thoughts and opinions on the services we provide to you and notifying you about any changes to our products and services. It may also include processing for marketing purposes, such as providing you with information related to any our products or services which we think may interest you (subject to your rights set out in section 3).
we may also process your personal data for other purposes but (unless this is in circumstances where the reason for doing so is compatible with the original purpose or we have other lawful grounds for doing so) this will usually only happen where we have obtained your specific consent. If that is the case, then you also have the right to withdraw your consent, which you can do by contacting us in writing at the address set out in below.
Please note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.
Where we are acting as a data processor:
- the business that has provided your personal information to us is itself responsible for ensuring that it has lawful grounds to do so and for providing us with instructions as to the specific types of personal data we are permitted to process; and
- the ground(s) upon which that business is entitled to process your personal data is determined by them not us (and may vary from organisation to organisation); and
- unless Data Protection Legislation requires or permits otherwise, we will process that personal data only in accordance with their instructions and for the purposes of enabling us to perform our obligations under our contract with them.
Your individual rights
Access to information
We want to make sure that you are fully aware of your data protection rights. These are set out in summary form in sections 5 – 3.13 below and apply to us in our role as a data controller. You can also obtain more detailed information about your rights under the Data Protection Legislation from the Information Commissioner’s office by clicking on this link – www.ico.org.uk. Our contact details for the purposes of requesting access to your personal data or exercising any of your other data protection rights are below.
Please note that, in order to comply with any request, we may first require you to verify your identity and we will normally fulfil any request by sending information electronically, unless the request expressly specifies a different method. We will not charge a fee for responding to your request, other than in circumstances where you make a request which is manifestly unfounded or excessive or you request further copies of information which we have already provided to you. In that case, we are entitled to charge a reasonable administrative fee.
Please also note that, where we are acting as a data processor, we will not be responsible for answering your request ourselves but will pass it onto the business organisation that provided us with your personal data (in their role as data controller) so that they may then determine how best to respond to it.
Timescales for responding
If you make a request of us (in our role as a data controller), we will normally have one month to respond to you. If we need something from you to be able to deal with your request (e.g. an ID document), the time limit will begin once we have received this. This time limit may also be extended in certain circumstances so, if there is any reason why our response to you might take longer than a month, we will let you know.
Summary of your rights
Withdrawal of consent – where our legal ground for processing your personal data is based upon you having given us your consent to do so, you have the right, at any time, to withdraw that consent (please see section 1.3 above). Please note that this will not affect the lawfulness of any processing carried out before you withdraw your consent.
Right of access – you have the right to obtain:
- confirmation that your personal data is being processed;
- access to your personal data.
Right to rectification – you are entitled to have your personal data rectified if it is inaccurate or incomplete.
Right to erasure – (sometimes referred to as ‘the right to be forgotten’). The broad principle underpinning this right is to enable you to request the deletion or removal of your personal data whether there is no compelling reason for its continued processing.
Right to restrict processing – you are entitled to restrict the processing of your personal data if:
- you are contesting the accuracy of the personal data (until the accuracy has been verified);
- you object to the processing, in circumstances where the processing was necessary for the performance of a public interest task or on the grounds of our or someone else’s legitimate interests (whilst we consider whether those legitimate grounds override your interests).
- the processing is unlawful but you have decided not to have it erased but requested restriction instead.
- if we no longer need the personal data but still have it and you require it to establish, exercise or defend a legal claim.
Right to data portability – in certain limited circumstances, you are able to obtain and reuse your personal data for your own purposes across different services by being allowed to move, copy or transfer personal data easily from one IT environment to another.
Right to object – you are entitled to object to:
- processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
- direct marketing (including profiling); and
- processing for purposes of scientific/historical research and statistics.
Rights relating to automated decision-making and profiling – these rights don’t apply to all circumstances but, where they do apply, they effectively provide you with safeguards against the risk that a potentially damaging decision is taken solely using or supported by automated means, without human intervention.
Information Collection, Use and Storage
If you contact us, we will keep a record of that correspondence. We may also collect and process personal data that you provide by filling in forms or making requests for information on our website. This includes information provided at the time of registering to use our website, requesting information from us or subscribing to any of our services. It also includes material contributed through any interactive service, including information that you (or someone authorised by you on your behalf) input into our products and services.
Please also note that it is your responsibility (irrespective of whether you are acting as an individual or a business user of our products and services) to always ensure that (i) when you provide us with any personal data relating to any third party, that third party has given their prior consent (or you have other lawful grounds) to enable you to do so; [and (ii) you must not, when using the products and services, provide or input any of the following kinds of information [considered to be a “special category” of personal data under the Data Protection Legislation such as data revealing racial or ethnic origin, political opinions; religious or philosophical beliefs, or genetic data or biometric data, a person’s sex life or a person’s sexual orientation].]
Any personally identifiable information you elect to make publicly available on our website (e.g. posting comments on a blog page, if that type of facility is available for your use) will be visible to others.
As mentioned previously, we may (in our role as a data processor) be provided with information about you from another business or collect information about you or from you on their behalf. It is important that the personal information we hold about you is as accurate and up to date as possible so, should your personal information change, please notify us of that change, in writing, as soon as possible.
When you visit our website, we may collect information from you automatically through cookies or other similar technology. Cookies are small text files that may be placed on your computer when you visit a website or click on a URL. Cookies (and other similar technologies) may collect your IP address, support security and authentication services, gather information from visitors to websites such as pages visited and how often they are visited and also enable certain features on the website. Cookies may include “single-session cookies” which generally record information during only a single visit to our website and then are erased, and “persistent” cookies, which are generally stored on your computer or other device unless or until they are deleted or are set to expire. We may use our own cookies or third party cookies.
We may also use various web/analytics tools to understand how our website is being used in order to improve user experience [(such as web beacons, which are a technique delivered through a web browser or in an email, to unobtrusively – an usually invisibly – check that a user has accessed some content and/or track the journey of the user navigating through the website or a series of websites)] as well as tools to provide us with statistics relating to the use of our website [and those which show you advertisements for our products and services which we think may be of interest to you as you browse other websites.
(please note that, because the management of cookies differs as between different browsers, you should consult the documentation of your own browser in order to manage your cookies).
Please also note that if you delete or block cookies which are necessary to enable our website to carry out certain functions, this may cause you to be unable to use all or part of our website and/or services.
How long do we hold personal data for?
Where we are acting as a data controller, we will only retain your personal data for as long as is necessary to fulfil the purposes for which it is collected. Normally this will result in personal data being deleted from our systems no later than 12 months from the date it was last processed (other than to the extent that we need to retain it for the purposes of complying with our legal or contractual obligations including those relating to our statutory and regulatory obligations and our financial, business and tax affairs).
In assessing whether any longer retention period is appropriate for your personal data, we take into consideration:
- the purposes for which we originally collected the personal data;
- the lawful grounds on which we based our processing;
- the type of personal data we have collected;
- the amount and categories of your personal data; and
- whether the purpose of the processing could reasonably be fulfilled by other means.
Where we are acting as a data processor, we will retain personal data for the period agreed in our contract with the business that engaged us for that purpose (unless otherwise required or permitted by the Data Protection Legislation).
Please note that, if you or we terminate any service we provide to you, then (irrespective of whether we are acting as a data controller or a data processor) we do not accept any obligation to retain any or all of the personal data provided to us in connection with or processed by that service and we may delete it from our systems at any time.
Storage and Security
Information (including personal data) collected through our website and services may be stored and processed in the UK, Europe, the United States, or any other country in which we or our subsidiaries, group companies, affiliates or service providers maintain facilities.
Regardless of where data is stored and processed, we are committed to taking all reasonable steps to ensure that your personal data is secure. In order to prevent unauthorised access or disclosure, we put in place suitable technological, physical, electronic and managerial procedures to safeguard and secure all personal data stored and processed by us. We also ensure that any subcontractor or other service provider which we engage to support our business activities or help deliver our products and services and which has access to your personal data, commits to us, in writing, to do the same.
If we transfer your personal data to any country outside of the UK for processing, please be assured that we will only do so in compliance with the Data Protection Legislation.
Sharing personal information
Where we are acting as a data processor, we will share your personal data with the business that provided your personal data to us (or authorised us to collect that data on their behalf) in the manner and to the extent set out in the contract between them and us. That business may be the data controller of your personal data or it may be another data processor interposed between the data controller and us.
Regardless of whether we are acting as a data processor or a data controller, we may need to share your personal data from time to time with other organisations, typically those which provide services to us in support of our business activities and/or delivery of the products and services which we provide to you. This may include third parties such as technology service providers, third party subcontractors, payment service providers and businesses that help us manage our customer relationships and marketing activities. If this is the case, we will do in accordance with the protections that are afforded to you under the Data Protection Legislation and we will always ensure that we have a written contract in place with them before we allow them access to your personal data or provide your personal data to them.
[We may also share your personal data with other members of our group of companies for financial, management or administrative purposes. ]
Other than as set out above, we do not rent, sell or distribute your personally identifiable information to third parties unless we have your permission or are required or permitted by law to do so.
We would like to send you information about our products and services from time to time as well as announcements, articles and press releases that we think you might like (including those of our group companies). We may engage marketing companies to help us do this and we may use our (and their) software tools to help us track your engagement with us and monitor our marketing campaigns.
In some circumstances we may have a legal right to send you marketing material, in others you may have given us your consent to do so. Either way, you always have the right, at any time, to stop us from contacting you for marketing purposes or to stop us passing your personal data to third parties for marketing purposes (assuming you have previously given your consent to us to that). You can do this by opting out from our marketing emails at any time by clicking on ‘unsubscribe’ or by simply contacting us in writing.
If we wish to contact you we may do so by phone, email, text, fax or post.
If you have notified us of a preferred method of communication, we will always try to comply with that. Please let us know if we don’t so that we can then check and, where necessary, update our records.
How to contact us
UK and non-EEA enquiries
Email us at firstname.lastname@example.org
Call us at 020 7173 0500
Write to us at 10-12 Eastcheap, LONDON, EC3M 1AJ
As a result of the UK leaving the EU, there are circumstances where the EU GDPR requires us to have an EU Representative to act as a point of contact to:
- facilitate the exercise of data subjects’ rights within the EEA; and
- co-operate with the competent supervisory authorities in respect of any action, investigation or claim under the EU GDPR.
To that end, we have appointed an EU Representative, which is Portrilio Solutions, part of Trillium Limited, which is a member of the ClearCourse Partnership LLP group of companies. If you wish to contact them (instead of us directly) they can be contacted as follows:
|Email us at:||email@example.com|
|Call us:||+351 21 122 6881|
|Write to us at:||Portrilio Solutions, Rua Julio Dinis, Centro Empresarial Sala 402, n561, 4 4050-460 Porto.|
We always work hard to treat our customers fairly and hope that you will not experience any reason to make a complaint about the way in which we have collected, stored or processed any of your personal data. However, if you do wish to make a complaint please always contact us, in the first instance, and we will endeavour to resolve the matter as quickly as we can.
How to contact the appropriate authority
UK and non-EEA enquiries:
If you are based in the UK or outside of the EEA and wish to report a complaint or if you feel that we have not addressed a concern that you may have about our data processing activities in a satisfactory manner, you may contact the Information Commissioner’s Office.
Phone number: 0303 123 1113
If you are based within the EEA and wish to report a complaint or if you feel that we have not addressed a concern that you may have about our data processing activities in a satisfactory manner, you may contact your local Supervisory Authority (who may then contact our EU Representative).
Millertech will strive to improve its environmental and social performance and to contribute to a better quality of life, now and for generations to come. This will be achieved by:
- Aiming to improve our economic, environmental and social performance, integrating environmental and social factors in our management systems and programmes and in our commercial decisions
- Identifying significant aspects and impacts of our activities, including changes, on society and the environment and developing programmes to minimise these impacts
- Setting clearly defined objectives and targets addressing our environmental and social issues
- Meeting or exceeding requirements of relevant rules and regulations
- Using natural resources efficiently, minimising waste and harmful releases to the environment
- Working constructively with organisations concerned for communities, society and the environment
- Raising awareness of environmental and social issues with staff, partners and suppliers, who we will seek to influence to adopt similar policies
- Undertaking open dialogue on our environmental and social programmes with our staff, customers and other stakeholders
- Providing support, advice and training to staff on matters relating to our environmental and social performance
- Monitoring, auditing and reviewing our performance
- Regularly reviewing policies and management systems in these areas in order to drive for continual improvement
Specific aspects of social and environmental performance are covered in other policy documents, including the Code of Conduct,
the Health & Safety Instructions, and the Employment Guide.
Responsibilities for implementing the policy
All staff are responsible for safeguarding, as far as they are able, both their working environment and the greater environment surrounding our operations. This includes:
- Complying with environmental standards and procedures
- Notifying management and supervisors of potential hazards
- Avoiding needless wastage of energy and materials
All line managers, in relation to activities under their individual control, are responsible for identifying and ensuring compliance with environmental regulations affecting our environment. Each Director shall address environmental matters regularly, identify items requiring action and make sure they are followed up. Line managers must:
- Establish individual responsibilities, objectives and accountabilities for subordinate staff in environmental matters
- Develop and maintain procedures to protect the working and external environment
- Monitor implementation of procedures and working practices and take swift and appropriate steps to put deficiencies right
- Ensure that a statement of environmental impact, tailored to specific requirements, is prepared as part of the planning of facilities and operations and for modifying or abandoning them
- Investigate and report all environmental incidents and near misses and take necessary follow up actions
- Review regularly the use of materials and energy in order to reduce waste, optimise recycling and select materials compatible with environmental objectives
- Periodic assessments, audits and reviews of facilities and operations to ensure compliance with this policy
- Provision of support and advice on environmental matters throughout Millertech operations
- Promoting workable procedures, codes of practice and working co-operatively in emergencies
- Encouraging initiatives to implement this policy and research to reduce environmental problems
- Keeping staff, relevant authorities and, as appropriate, the public informed of our efforts to protect and improve the environment
- Interpreting and ensuring implementation of this policy and updating it as required
Millertech believes that diversity enriches both our performance and our products, the communities in which we work and live and the lives of our employees. We understand this value and reflect this in our day-to-day activities.
As an organisation we continue to grow the business by investing in a team that is made up of passionate, smart and talented people from all different backgrounds and cultures. Millertech defines diversity to extend beyond race, national origin, gender, age, disability, sexual orientation, or gender identity or expression – it is this diversity that gives the team the rich mix of experiences and abilities.
This policy results in a multitude of fresh ideas and creative thinking as we adapt our business processes to help our growing workforce and increase the benefits to our client base of the solutions and services we provide.
Millertech is an equal opportunities employer. This means that it is the Company’s policy that there should be no discrimination against or harassment of any employee or job applicant either directly or indirectly on the grounds of:
- Race, colour, nationality or national or ethnic origin (“race”)
- Sex or marital status
- Disability (e.g., a long term mental or physical impairment)
- Sex change status
- Sexual orientation
- Religion or philosophical belief
- Political belief
- Trade Union activity or
The Company’s policy is to:
- Eliminate, as far as is reasonably possible, discrimination and harassment from the workplace;
- Encourage all its employees to take an active role against all forms of discrimination and harassment;
- Deter employees from participating in discriminatory behaviour or harassment;
- Demonstrate to all employees that they can rely upon the Company’s support in cases of discrimination or harassment at work
The Company is fully committed to providing a good and harmonious working environment that offers equal treatment and equal opportunities for all employees and where every employee is treated with respect and dignity. The Company’s aim is that remuneration, recruitment, promotion and retention should not be affected by irrelevant considerations and stereotyping.
The Company recognises that the provision of equal opportunities in the workplace is not only good management practice, it also makes sound business sense. The Company’s equal opportunities policy will help all employees develop their full potential and the talents and resources of the workforce will be fully utilised to maximise the efficiency of the organisation.
Whilst the Company recognises that the overall responsibility for the effective operation of this policy lies with the Board of Directors, all employees, whatever their position within the Company, have some measure of responsibility for ensuring its effective implementation in their day-to-day activities and working relationships with colleagues. Employees should ensure that:
- They co-operate with any measures introduced to develop equal opportunities
- They respect the sensitivities of others
- They refrain from taking discriminatory actions or decisions which are contrary to either the letter or spirit of this policy and for employees of managerial status, that they ensure that those who report to them also comply with the policy
- They do not instruct, induce, or attempt to induce or pressurise other employees to act in breach of this policy
- Employees who make complaints of breaches of this policy are treated fairly and responsively both when the complaint is made and thereafter
- Breaches of the Company’s equal opportunities policy and procedures and any unfair or unlawful discrimination will not be tolerated and will be dealt with under the Group’s disciplinary procedures. In serious cases, this could lead to dismissal of the relevant individual.
- The policy shall also apply to employees of contractors working at the Company’s premises.
General application of Policy
Recruitment and selection
The selection process is of crucial importance in this policy and must be carried out according to objective job-related criteria which must be subject to regular review. The effectiveness of the policy will be determined to a great extent by this aspect of employment procedure. The Company will endeavour through appropriate training to ensure that employees making selection decisions will not discriminate whether consciously or unconsciously in making these decisions.
Equal opportunities must be integrated into all training concerned with selection skills, staff assessment, counselling, staff development and the management or supervision of staff. The importance of equal opportunities in the field of customer care initiatives is also recognised. The Company’s policy will form part of the induction training of all staff.
It is in the Company’s interest to provide equal opportunities for promotion to all employees. Managers must continually assess the promotion potential of all employees and all promotion decisions must be made in accordance with objective selection criteria.
Grievance and discipline
Employees who believe that they have experienced unfair or unlawful discrimination or racist or sexist abuse or harassment should raise their concern through the applicable grievance procedure in their local area. Where such grievances may concern the normal line of supervision or management, individuals may approach the relevant Group HR director.
Examining the effects of policy and programmes of action on a regular and structured basis is a fundamental part of the process of successfully establishing equal opportunities. Personnel data is therefore collected (on an anonymous basis), analysed an interpreted across the Group. The objectives of monitoring are:
- To identify areas of and reasons for under-representation of particular groups in the workforce
- To assess the effect of employment procedures and practices and identify any unintentional impact on particular groups
- To enable appropriate corrective action to take place, including defining targets for future change
- To enable the Company to review and reshape its equal opportunities policy and programme of action
This policy and accompanying action programmes must be communicated widely and effectively throughout the workforce and to potential employees.
Bankers: Natwest, 1 St Philips Place, Birmingham, B3 2PP
Legal Advisors: Pinsent Masons LLP, 3 Colmore Circus Queensway, Birmingham, West Midlands, B4 68H